metasploit | 2209ac09da78031d7bdcd91b05041e41a2dcbd0f2c842aa839ba3d18480e2c01

Analysis

max time kernel
147s
max time network
153s
platform
windows10-2004_x64
resource
win10v2004-20240319-en
resource tags

arch:x64arch:x86image:win10v2004-20240319-enlocale:en-usos:windows10-2004-x64system
submitted
31-03-2024 02:54

Target

4b3b4415e8aaea6546c3e956b4388aec_JaffaCakes118.exe
Size

1.0MB
MD5

4b3b4415e8aaea6546c3e956b4388aec
SHA1

a9a41c7de1a242c2b1d0bade7ee4751bceeeff31
SHA256

2209ac09da78031d7bdcd91b05041e41a2dcbd0f2c842aa839ba3d18480e2c01
SHA512

9be3a342c989e2c8997cb1daed6c3a1dd7ae80f7f5169e6750d4e8ced026517adae5c3bf1b598f2bb1d495c8fd92d70184762293a63a6275a3ba6cb3914f0d8c
SSDEEP

12288:8GC8RLSeH1Quj+rHVLV+SXpq2a9xKLwSgSh2me6n74CK1:XzNmuj+rHVLVumgSh2RCK1

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://91.235.129.180:443/Sj6i

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\4b3b4415e8aaea6546c3e956b4388aec_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\4b3b4415e8aaea6546c3e956b4388aec_JaffaCakes118.exe"
1⤵
PID:2532

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4308 --field-trial-handle=2000,i,9877262470271371196,11878025205711850266,262144 --variations-seed-version /prefetch:8
1⤵
PID:1816

memory/2532-0-0x000001616D260000-0x000001616D261000-memory.dmp

Filesize
4KB

Download